In April of 2010, Steve Jobs wrote a detailed open letter called Thoughts on Flash. It was his rationale as to why iPhones and iPads would probably never support Adobe Flash. And they never have.
Adobe will end development and support for Flash in 2020, ten years after Steve Jobs’ letter.
In the meantime, Flash continues to pose a security risk to small businesses and to computer users everywhere.
Recent Adobe Flash Issues
In October, 2017, Adobe found a critical vulnerability in Flash Player which, if successfully exploited, “could cause a crash and potentially allow an attacker to take control of the affected system.”
Since then, there has been a Fake Adobe Flash Update scam, which affected Mac users.
As of the date of this blog post, the latest Adobe Security Bulletin for Flash states that all versions of Flash prior to version 18.104.22.168 contain a critical vulnerability.
In the bulletin, Adobe warns that successful exploitation of the vulnerability could lead to “arbitrary code execution in the context of the current user”. This type of flaw allows hackers to force a computer into running malware.
Protecting Your Business From Flash Scams & Vulnerabilities
Flash is ongoing bad news from a security perspective. Here are several things for you and your staff to consider until Flash’s ultimate demise:
1. Most of the sites that still use Adobe Flash today will be moving to alternatives in the next few years. In fact, if you go to a site and see a prompt like this in your browser, you may want to simply move on.
2. If you use Chrome or Edge, the Adobe Flash Player plugin will automatically update.
3. If you regularly use Chrome or Edge, you might as well uninstall the Adobe Flash Player Desktop Runtime (for Windows, Macintosh or Linux). You don’t need it.
4. Never click through any Flash Player update that automatically pops up! It could be a fake.
5. If you must install or update the Desktop Runtime player of Flash, go to https://get.adobe.com/flashplayer/. When you install, choose the default option of “Allow Adobe to Install Updates (recommended).” Adobe will automatically update the player. You’ll never need to click through a Flash Player update, real or fake.
Oh yes, work with your local IT support company to protect you and your users, should someone take a hacker’s bait.